package org.gradle.internal.impldep.com.amazonaws.services.s3.internal;

import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.gradle.internal.impldep.com.amazonaws.AmazonClientException;
import org.gradle.internal.impldep.com.amazonaws.AmazonServiceException;
import org.gradle.internal.impldep.com.amazonaws.AmazonWebServiceRequest;
import org.gradle.internal.impldep.com.amazonaws.Request;
import org.gradle.internal.impldep.com.amazonaws.retry.internal.AuthErrorRetryStrategy;
import org.gradle.internal.impldep.com.amazonaws.retry.internal.AuthRetryParameters;
import org.gradle.internal.impldep.com.amazonaws.services.s3.AmazonS3Client;
import org.gradle.internal.impldep.org.apache.http.annotation.Immutable;

@Immutable
/* loaded from: input_file:org/gradle/internal/impldep/com/amazonaws/services/s3/internal/S3V4AuthErrorRetryStrategy.class */
public class S3V4AuthErrorRetryStrategy implements AuthErrorRetryStrategy {
    private static final String V4_REGION_WARNING = "please use region-specific endpoint to access buckets located in regions that require V4 signing.";
    private final String bucketName;
    private static final List<String> ERROR_MESSAGES_AUTH_ERROR;
    private static Log log = LogFactory.getLog(AmazonS3Client.class);
    private static final List<String> ERROR_CODES_AUTH_ERROR = new ArrayList();

    public S3V4AuthErrorRetryStrategy(String str) {
        this.bucketName = str;
    }

    @Override // org.gradle.internal.impldep.com.amazonaws.retry.internal.AuthErrorRetryStrategy
    public AuthRetryParameters shouldRetryWithAuthParam(Request<?> request, AmazonServiceException amazonServiceException) {
        if (!isAwsV4SigningRequiredError(request.getOriginalRequest(), amazonServiceException)) {
            return null;
        }
        if (!BucketNameUtils.isDNSBucketName(this.bucketName)) {
            throw new AmazonClientException(V4_REGION_WARNING, amazonServiceException);
        }
        AWSS3V4Signer aWSS3V4Signer = new AWSS3V4Signer();
        aWSS3V4Signer.setRegionName("us-east-1");
        aWSS3V4Signer.setServiceName("s3");
        try {
            URI uri = new URI(String.format("https://%s.s3-external-1.amazonaws.com", this.bucketName));
            log.warn("Attempting to re-send the request to " + uri.getHost() + " with AWS V4 authentication. To avoid this warning in the future, " + V4_REGION_WARNING);
            return new AuthRetryParameters(aWSS3V4Signer, uri);
        } catch (URISyntaxException e) {
            throw new AmazonClientException("Failed to re-send the request to \"s3-external-1.amazonaws.com\". please use region-specific endpoint to access buckets located in regions that require V4 signing.", e);
        }
    }

    private static boolean isAwsV4SigningRequiredError(AmazonWebServiceRequest amazonWebServiceRequest, AmazonServiceException amazonServiceException) {
        if (amazonServiceException == null) {
            return false;
        }
        String errorCode = amazonServiceException.getErrorCode();
        String trim = amazonServiceException.getErrorMessage() != null ? amazonServiceException.getErrorMessage().trim() : null;
        if (trim == null || !ERROR_CODES_AUTH_ERROR.contains(errorCode)) {
            return false;
        }
        Iterator<String> it = ERROR_MESSAGES_AUTH_ERROR.iterator();
        while (it.hasNext()) {
            if (trim.contains(it.next())) {
                return true;
            }
        }
        return false;
    }

    static {
        ERROR_CODES_AUTH_ERROR.add("InvalidRequest");
        ERROR_CODES_AUTH_ERROR.add("InvalidArgument");
        ERROR_MESSAGES_AUTH_ERROR = new ArrayList();
        ERROR_MESSAGES_AUTH_ERROR.add("Please use AWS4-HMAC-SHA256.");
        ERROR_MESSAGES_AUTH_ERROR.add("AWS KMS managed keys require AWS Signature Version 4.");
    }
}
